package cn.iutils.sys.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import cn.iutils.common.ResultVo;
import cn.iutils.common.utils.UserUtils;
import cn.iutils.sys.entity.User;
import cn.iutils.sys.service.PasswordHelper;
import cn.iutils.sys.service.UserService;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import cn.iutils.common.BaseController;
import org.springframework.web.bind.annotation.RequestMethod;

/**
 * 登录控制器
 * 
 * @author cc
 */
@Controller
@RequestMapping(value = "${adminPath}")
public class LoginController extends BaseController {

	@Autowired
	UserService userService;

	@Autowired
	private PasswordHelper passwordHelper;

	/**
	 * 获取异步登录界面
	 * @param response
	 * @return
	 */
	@RequestMapping("/ajaxLogin")
	public String ajaxLogin(HttpServletResponse response){
		ResultVo resultVo = null;
		//获取用户登录信息 验证已登录，返回登录信息
		String userName = UserUtils.getLoginUserName();
		if(userName!=null){
			resultVo = new ResultVo(ResultVo.SUCCESS,"1","登录成功",null);
			return renderString(response,resultVo);
		}else{
			return "ajaxLogin";
		}
	}

	/**
	 * 登录处理
	 * @param request
	 * @param response
	 * @param model
	 * @return
	 */
	@RequestMapping("/login")
	public String login(HttpServletRequest request,HttpServletResponse response, Model model) {
		//判断是否来自请求
		String mobile = request.getParameter("mobile");
		if(mobile==null){
			//获取用户登录信息 验证已登录，跳转到管理页
			String userName = UserUtils.getLoginUserName();
			if(userName!=null){
				return "redirect:" + adminPath;
			}
			String exceptionClassName = (String) request
					.getAttribute("shiroLoginFailure");
			model.addAttribute("username", request.getParameter("username"));
			String error = null;
			if (UnknownAccountException.class.getName().equals(exceptionClassName)) {
				error = "用户名/密码错误";
			} else if (IncorrectCredentialsException.class.getName().equals(
					exceptionClassName)) {
				error = "用户名/密码错误";
			} else if (ExcessiveAttemptsException.class.getName().equals(
					exceptionClassName)) {
				error = "错误次数太多，请一分钟后再试";
			} else if (LockedAccountException.class.getName().equals(
					exceptionClassName)) {
				error = "帐号被锁定，请联系管理员解锁";
			}else if (exceptionClassName != null) {
				error = "未知的错误，请联系管理员";
			}
			model.addAttribute("msg", error);
			if (request.getParameter("forceLogout") != null) {
				error = "您已经被管理员强制退出，请重新登录";
				model.addAttribute("msg", error);
			}
			return "login";
		}else{
			String userName = UserUtils.getLoginUserName();
			if(userName!=null){
				return renderString(response,1);//登录成功
			}else{
				return renderString(response,0);//登录失败
			}
		}
	}

}
